way to test "strength" of my passwords?

I was wondering if there was a sort of password cracker simulator that I could use to see how long it would take to crack my passwords(s).

Obviously not online...

I've never tried cracking and stuff but lately am getting paranoid and kinda want to see if my, already lengthy, password is "enough" or just as much a joke as using "abc123" or something like that. It's not like I want to have to get into making frikken passphrases that are a chapter long neither.

I was wondering if there was a sort of password cracker simulator that I could use to see how long it would take to crack my passwords(s).

Obviously not online...

I've never tried cracking and stuff but lately am getting paranoid and kinda want to see if my, already lengthy, password is "enough" or just as much a joke as using "abc123" or something like that. It's not like I want to have to get into making frikken passphrases that are a chapter long neither.

Use Keychain Access to check the strength of your password.[list=1][*]Open Keychain Access (located in Applications>Utilities)[*]Go to menu Edit>Change password for keychain[*]Click the "i" icon[*]Now in the new password field (no need to enter your old password) start typing letters of your new password. As you type in real time you will be told the strength of your password.[/list=1]

John the Ripper seems to be the "standard" password strength tester (i.e. password cracker). It's easy to use if you're familiar with the command line. It uses brute force guessing, but you can google around for word lists to add to it.

The general rule for brute-force is that longer is better, mix cases, and stir in numbers. Do all that, and it's extremely difficult to crack the password. Unless it's on someone's word list. So avoid any words or phrases that might be found in any dictionary, anywhere. That includes foreign languages, made up languages, names, and 133tsp33k. For example, taking a dictionary word and replacing letters with the obvious numbers (i -> 1, e -> 3) doesn't help much.

long pass-words or pass-phrases are a lot better than short ones. and phrases in general are a lot better than words. even phrases of normal english words. most dictionaries (used in dictionary attacks) only have single words, and don't compute any phrases. If you can commit to memory some short phrase, like "isn't this phrase stupid", it would be a lot more secure than any single or short combination of letters/numbers/characters you can come up with. problem, of course, being that you have to remember capitalization, spacing and punctuation, if u use them. but as an added benefit, if u write down "isn't this phrase stupid" on some non-descript piece of paper around your computer, most people wouldn't automatically think thats your passphrase.

there was an article written by some ms guy recently (and posted on /.) about the strength of pass-words and pass-phrases. and of course, windows security is different from osx, but the idea is still the same. bigger is better.

I dont know if this in the standard Firefox but I downloaded the latest nightly build of Firefox from http://homepage.mac.com/krmathis/ (optimized for G4) and went through the preferences and you can set a master password (like Keychain manager but just for Firefox) and when you set the password, there is a similar feedback visula to the Keychain manager's "password strength-o-meter" that lets you know how "good" your password is.